WordPress accounted for 90 percent of all hacked CMS sites in 2018

Roughly 90 percent of all the hacked content management systems (CMSs) Sucuri investigated and helped fix in 2018 were WordPress sites. In a distant second, third, and fourth came Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent), according to a report the company published yesterday.

Sucuri experts blamed most of the hacks on vulnerabilities in plugins and themes, misconfiguration issues, and a lack of maintenance by webmasters, who often forgot to update their CMS, themes, and plugins.

Experts said that only 56 percent of the sites they investigated were running an up-to-date CMS at the time they were called in to remediate a hack.

E-commerce sites often left out-of-date

But while 90 percent of all hacked sites were WordPress, most of these were running up-to-date versions. Sucuri said that only 36 percent of the hacked WordPress sites that the company investigated ran an outdated version.

On the other hand, CMSs like PrestaShop, OpenCart, Joomla, and Magento were almost always running an out-of-date version when they were found to be hacked.

"Attackers have a high interest in targeting e-commerce websites with valuable customer data (i.e., credit card and user information). It's imperative these website owners update their software to ensure their sites have the latest security enhancements and vulnerability patches."

SEO spam is on the rise

And when the hacks happened, Sucuri said that hackers usually deployed backdoors, with the company finding one on 68 percent of all the compromised sites it investigated.

Sucuri experts said that hackers also used around 56 percent of the hacked sites to host malware for other operations, and deployed SEO spam pages on 51 percent of the hacked sites, a number that has risen in the past year, from 44 percent in 2017.

"[SEO spam] is one of the fastest growing families over the previous years," Sucuri said. "They are difficult to detect and have a strong economic engine driven by impression-based affiliate marketing.

"Websites impacted by SEO attacks often become infected with spam content or redirect visitors to spam-specific pages. Unwanted content is regularly found in the form of pharmaceutical ad placements but may also include injected content for other popular industries like fashion or entertainment (i.e. pornographic material, essay writing, fashion brands, loans, and online gambling)."